Trust-based application to application connectivity

ABSTRACT

The innovation discloses systems, methods and computer program products that reduce complexity and associated measures that are taken to ensure trust in secured transactions as necessitated by requirements present only in an ecommerce environment that do not have a parallel with traditional bricks and mortar commercial transactions. 
     The innovation enables a multitude of mobile wallet applications to engage and obtain services from ecommerce applications wherein backend processing by a mobile wallet server obtains and delivers funds to ecommerce applications without sharing a subset of sensitive data, associated with a mobile wallet application user for the secured transactions.

BACKGROUND

Commerce traditionally understood as “brick and mortar” has had long standing requirements for trust in transactions that may be met in a number of manners. However, specific to types of transactions that may occur in ecommerce, enabling trust is different not only in degree, but in kind. Much more than merely “doing something on the Internet,” actual management and enabling of trust so as to then be able to “do things on the Internet” comprises a set of technical problems to which resolution, much innovation is directed. Items and scope of effort to provide functional ecommerce capabilities require specific solutions that do not exist, nor would such be required to exist, outside of an environment of ecommerce. It is a nature of these transactions within a computing environment that drives large scale innovation efforts, including, for example, encryption. While encryption is one manner of ensuring a trust based system, other innovative avenues may also be pursued.

Wireless communication devices interconnected through a wireless personal area network, e.g., Bluetooth, Near Field Communication (NFC) technologies can communicate to other wireless portable devices. These wireless technologies typically require a user through the user’s device to set up a paired connection with a remote device before the devices can exchange information. Setting up this connection may utilize an authentication phase, whereby the user may be requested to enter a password or personal identification number (PIN) to register the remote device in each device’s table of paired devices. Similarly, mobile applications can communicate to each other using these wireless communication technologies. However, such wireless network does not enable payment to the connected devices in a secure manner.

SUMMARY

The following presents a simplified summary in order to provide a basic understanding of some aspects of the innovation. This summary is not an extensive overview of the innovation. It is not intended to identify key/critical elements or to delineate the scope of the innovation. Its sole purpose is to present some concepts of the innovation in a simplified form as a prelude to the more detailed description that is presented later.

The innovation disclosed and claimed herein, in at least one aspect thereof, includes systems and methods that enable secured transactions in ecommerce situations that do not have a parallel with traditional bricks and mortar commercial transactions.

In an embodiment, a system for enabling secured transactions may comprise a plurality of user computing devices, or user devices. The system, in some embodiments, may be comprised of a single computing device. In other embodiments of the innovation, the system may be comprised of multiple user computing devices, or multiple devices belonging to a user and to others. In embodiments, each user device may comprise at least one mobile wallet application that is associated with a mobile wallet server, as well as at least one ecommerce application.

A mobile wallet server may control backend processing of a trusted, or secure, transaction, and associations between mobile wallet applications and ecommerce applications may be mapped. Ecommerce applications associated with mobile wallet applications may be registered with at least one mobile wallet application. On a device, in which at least one ecommerce application is engaged by at least one mobile wallet application, the ecommerce application so engaged provides a payment request. The system also has a secure zone on the device that stores predetermined rules and mappings of the at least one mobile wallet application and the associated at least one ecommerce application.

The system in the embodiment also has an operating system extension, or “OSE,” that may be configured to enable trusted transactions between the plurality of user devices without sharing a subset of backend financial data (or other secure/confidential data) to the at least one ecommerce application. Backend financial data is often a target of encryption or other methods in order to protect that data, and one avenue of innovation is to lessen impact of breaches of such measures by limiting sharing of data in the first place. It is to be appreciated that an embodiment may be concerned with a subset that is secured financial data associated with a user, and associated with the one or more mobile wallet applications.

In an embodiment, a configuration of an OSE may be independent of an operating system “OS” of a computing device, or device, and thus embodiments may be employed across multiple operating system environments. In another embodiment, a configured OSE may receive a payment request; may determine at least one master mobile wallet application from at least one mobile wallet application upon verifying at least a subset of predetermined rules and mappings located in a secure zone, and may send the payment request along with payment details to the at least one master mobile wallet application upon that determination. The configured OSE may also initiate an interaction between the at least one master mobile wallet application and a mobile wallet server, wherein the mobile wallet server may generate a payment confirmation message and a payment confirmation token. These generated items may be provided to the at least one master mobile wallet application that is associated with the payment request and the payment details. The configured OSE of the embodiment may receive the payment confirmation token and the payment confirmation message from the at least one master mobile wallet application and send the payment confirmation message and payment confirmation token to the ecommerce application, wherein the payment confirmation token permits the ecommerce application to process a goods or service offering associated with the payment request.

In some embodiments of the innovation, a configured OSE may further receive, from at least one ecommerce application in response to a payment confirmation message, a payment authorization request. The OSE may receive, from at least one master mobile wallet application, a payment authorization token; and may reconcile the payment authorization token received from a mobile wallet application with the payment authorization request received from the at least one ecommerce application. The reconciliation permits a funds transfer from the at least one master mobile wallet application to the ecommerce application without sharing a subset of backend financial data to the at least one ecommerce application.

In other embodiments of the innovation, a system may feature a mobile wallet application that is initiating a secured transaction with at least one ecommerce application as a thin-client mobile wallet application. The disclosed innovation provides that a thin-client mobile wallet application may be a mobile wallet application of more limited capabilities, but that may be associated with a master mobile wallet application residing on a separate one of the plurality of user device. The OSE on a user device with a thin-client mobile wallet application may be further configured to determine the computing device on which an appropriate master mobile wallet application resides, send a request for the OSE of the computing device on which the master mobile wallet application resides to continue processing a secured transaction. Such a request may trigger a message to the user associated with the master mobile wallet application. The request may indicate a number of details of the attempted transaction with the thin-client mobile wallet application; and upon receipt of an indication approving the request, the OSE of the computing device on which the appropriate master mobile wallet application resides may operate with the thin-client mobile wallet application to permit the at least one ecommerce application to process the goods or service offering.

The disclosed innovation provides that an example system may receive a payment confirmation token and a payment confirmation message from an at least one master mobile wallet application. An OSE in such an embodiment may further receive an approval through the master mobile wallet application, and that approval may be, at least in part, a result of an application of a set of rules determined by the OSE of the master-mobile-wallet-application-associated computing device, or a receipt of an approving reply to an instant message from a user associated with the master mobile wallet application, or both.

In another embodiment, a method for enabling secured transactions in ecommerce situations that do not have a parallel with traditional bricks and mortar commercial transactions is presented. Secure transactions may be between a user using a mobile wallet application on a computing device and at least one ecommerce application. A user may engage, on the computing device, an ecommerce application that has been registered with a mobile wallet application. The computing device may receive a payment request from the at least one ecommerce application, and an OSE may determine, through a set of predetermined rules, at least one master mobile wallet application. Upon verifying at least a subset of the preconfigured rules associated with at least one ecommerce application, the OSE may send, through the master mobile wallet application, at least the payment request to a mobile wallet server associated with the master mobile wallet application. The OSE, through the at least one master mobile wallet application and from the mobile wallet server, may receive a payment confirmation message along with a payment confirmation token. The OSE may send the payment confirmation message and payment confirmation token to the ecommerce application, wherein the sending permits the secured transaction to proceed; and upon completion of a provisioning of a product or service related to the ecommerce application payment request, the OSE may in turn receive a payment authorization request from the ecommerce application. The OSE, through the master mobile wallet application, may forward the payment authorization request to the mobile wallet server, and receive back, through the mobile wallet application, funds with which the OSE may resolve payment, through the mobile wallet application, with the ecommerce application.

In an embodiment, such resolution may be achieved wherein a backend processing by the mobile wallet server obtains and delivers funds without sharing a subset of sensitive data, associated with the user or with an owner associated with the master mobile wallet application, with the ecommerce application for the secured transaction.

In another embodiment, a method wherein a computing device, engaging at least one ecommerce application, need not comprise a master mobile wallet application, and instead may comprise at least a thin-client mobile wallet application. In such an embodiment, further method steps may comprise an OSE, of the device having the thin-client mobile wallet application, sending a request to at least one of a plurality of computing device associated with a master mobile wallet application so that an OSE of a computing device associated with the master mobile wallet is enabled to perform a disclosed method of the innovation. In this or similar embodiments, a further step of receiving a payment confirmation message may include an approval through the master mobile wallet application. Approvals through a master mobile wallet application may comprise approval through, at least in part; a set of rules determined by an OSE of the master-mobile-wallet-application-associated computing device, or an approving reply to an instant message from a user associated with the master mobile wallet application; or both.

In another embodiment, a non-transitory computer-readable medium configured to store instructions, that when executed by a processor, may perform operations including one or more of the system and method steps.

For these considerations, as well as other considerations, in one or more embodiments, a system for cloud service provisioning can include a memory to store computer-executable instructions and a processor, coupled to the memory, to facilitate execution of the computer-executable instructions to perform operations.

In another embodiment, a non-transitory computer-readable medium configured to store instructions, that when executed by a processor perform operations including cloud service provisioning.

To accomplish the foregoing and related ends, certain illustrative aspects of the innovation are described herein in connection with the following description and the annexed drawings. These aspects are indicative, however, of but a few of the various ways in which the principles of the innovation can be employed and the subject innovation is intended to include all such aspects and their equivalents. Other advantages and novel features of the innovation will become apparent from the following detailed description of the innovation when considered in conjunction with the drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an illustration of a typical conventional configuration.

FIG. 2 is an illustration of example system components, according to one or more embodiments.

FIG. 3 is an illustration of example method, according to one or more embodiments.

FIG. 4 is an illustration of an example interaction 400 in accordance with one or more aspects of the disclosed innovation.

FIG. 5 is an illustration of an example interaction 500 in accordance with one or more embodiments of the disclosed innovation can be implemented.

FIG. 6 is an illustration of an example computing environment where one or more of the provisions set forth herein can be implemented, according to one or more embodiments.

FIG. 7 is an illustration of an example computing environment where one or more of the provisions set forth herein can be implemented, according to one or more embodiments.

DETAILED DESCRIPTION

The innovation is now described with reference to the drawings, wherein like reference numerals are used to refer to like elements throughout. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the subject innovation. It may be evident, however, that the innovation can be practiced without these specific details.

While specific characteristics are described herein, it is to be understood that the features, functions and benefits of the innovation can employ characteristics that vary from those described herein. These alternatives are to be included within the scope of the innovation and claims appended hereto.

While, for purposes of simplicity of explanation, the one or more methodologies shown herein, e.g., in the form of a flow chart, are shown and described as a series of acts, it is to be understood and appreciated that the subject innovation is not limited by the order of acts, as some acts may, in accordance with the innovation, occur in a different order and/or concurrently with other acts from that shown and described herein. For example, those skilled in the art will understand and appreciate that a methodology could alternatively be represented as a series of interrelated states or events, such as in a state diagram. Moreover, not all illustrated acts may be required to implement a methodology in accordance with the innovation. Furthermore, the claimed subject matter can be implemented as a method, apparatus, or article of manufacture using programming or engineering techniques to produce software, firmware, hardware, or most any combination thereof to control a computer to implement the disclosed subject matter. The term “article of manufacture” as used herein is intended to encompass a computer program accessible from most any computer-readable device, carrier, or media. It is appreciated that embodiments are presented as a specific, non-limiting, examples of the innovation. Other embodiments are contemplated as well and intended to be included within the scope of this disclosure and claims appended hereto.

As used in this application, the terms “component” and “system” are intended to refer to a computer-related entity, either hardware, a combination of hardware and software, software, or software in execution. For example, a component can be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a server and the server can be a component. One or more components can reside within a process and/or thread of execution, and a component can be localized on one computer and/or distributed between two or more computers.

Furthermore, the claimed subject matter can be implemented as a method, apparatus, or article of manufacture using standard programming or engineering techniques to produce software, firmware, hardware, or most any combination thereof to control a computer to implement the disclosed subject matter. The term “article of manufacture” as used herein is intended to encompass a computer program accessible from most any computer-readable device, carrier, or media. Of course, many modifications may be made to this configuration without departing from the disclosed innovation as reflected in the claimed subject matter.

It is appreciated that embodiments are presented as a specific, non-limiting, examples of the innovation. Other embodiments are contemplated as well and intended to be included within the scope of this disclosure and claims appended hereto.

With reference now to the figures, FIG. 1 is an illustration of a typical conventional configuration. As may be recognized in the art, user device 102 may have an operating system 104, and a secure zone 106 within the user device 102. User device 102 may also have a mobile wallet type application 108. Such a mobile wallet application 108 may be coupled to a mobile wallet server 110 and the mobile wallet server may include a database 112 for information related to the mobile wallet application. Also on user device 102 may be an application 114. Application 114 may be an ecommerce application. It is to be appreciated that in conventional implementations, exchanges between a mobile wallet application 108 and an application 114 would typically include an exchange of sensitive data 116. The application 114 may be coupled to its own application server 118. Sensitive data may be exchanged from application 114 to application server 118, and exit control from a user of mobile wallet application 108. While attempts to protect sensitive data may be put in place (for example, encryption during transfer), the fact of the matter is that sensitive information is exchanged with an application and then is exported outside of user device 102 to at least application server 118. External forces, as has been illustrated in the recent news, reveal that such servers and other locations of sensitive information may be open to breach, and even though measures of trust may be put in place during a transaction, post transaction concerns may exist and rightly so.

As will be discussed herein in relation to at least FIGS. 2-7 , what this disclosed innovation provides is a different approach to a “trust” (or secure) issue in an environment of computing devices involved in ecommerce (or other secure data transfer environments), rather than solely engaging in encryption and transferring sensitive financial information from one controlled data store to a data store of an ecommerce application for provision of some goods or services, thereby putting sensitive information into the cloud and to a vendor that itself may later suffer a loss of security and thus comprising sensitive financial information. The innovation may alleviate that level of effort by instead controlling sensitive financial information, either locking that information to a specific computing device secure location, or leaving the information secure on a controlled mobile wallet server (to be discussed in relation to FIG. 2 ). Through a computing device Operating System Extension (herein (“OSE”) component, applications (e.g., third party applications) may be registered with a controlling mobile wallet application, and backend transfer of funds, based on sensitive information, may occur outside a range of what ecommerce applications see, and exchanges, first of a payment confirmation token and then, at a time of payment, a payment authorization token or other suitable reconciliation process enables funds to be transferred from a mobile wallet application to an ecommerce application without the ecommerce application seeing sensitive financial information.

Turning now to FIG. 2 , illustrated are example system components of the disclosed innovation, according to one or more embodiments 200. A system according to an embodiment of the innovation may be comprised of a plurality of user device, user device 1 to M 202, where M is an integer. User devices may be smart phone, tablet, laptop, watch, IOT (Internet of Things device) or computing devices of the like and may be capable of connecting with other components or devices via a network, such as the Internet. User devices may also be capable of pairing with proximity devices to enable wireless transaction without using credit/debit cards, as will be discussed later in relation to FIG. 4 .

While it is to be appreciated that user devices 1 to M 202 may be equipped with their own native operating system 204, the innovation introduces a novel Operating System Extension 206 herein (“OSE”). The disclosed innovation provides that OSE 206 may be configured to interoperate with various operating systems 204 of various user devices 202 and thus provides a controlled operation of other features of the innovation regardless of a nature of operating system 204.

Further OSE 206 integrates and makes use of user device 1 to M 202’s secure zone 208. Secure zone 208 is a location on user device 1 to M 202 operating under heightened security control, and OSE 206 takes advantage of this heightened security to place a database of rules and mappings (not shown). Rules may include settings and configurations that enable multiple payment modes (for example, automatic and interactive or manual payment modes). OSE 206 may update a rules database with a registered application (for example one or more registered applications may comprise a subset of a plurality of application 1 to P 212), wherein such a subset of applications may support automatic payment alert/notification/requests based on one or more conditions/events associated with a payment transaction.

User Device 1 to M 202 may also have a plurality of mobile wallet application 1 to N 210, where N is an integer. Another aspect of the disclosed innovation is that subsets of a plurality of mobile wallet application 1 to N 210 may have different purposes and/or capabilities. A Mobile Wallet Application may be one of a plurality of mobile wallet applications. There may be a plurality of master mobile wallet applications as well as a plurality of non-master mobile wallet applications. A subset of non-master mobile wallet applications may include thin-client mobile wallet application. Thin-client mobile wallet applications may be configured and loaded on user computing devices of, for example, people associated with a master mobile wallet application on a different user device. For most any such devices then that have capability of network access, the innovation permits even devices lacking a master wallet application to engage in secure transactions.

Further, a master mobile wallet application and other mobile wallet applications may, through an OSE, have a set of predetermined rules associated with and controlling transactions, as well as may have a mapping of associated mobile wallet applications coupled with registered ecommerce applications. The disclosed innovation provides that through such an OSE, predetermined rules and mappings may be held local to a user computing device, in a computing device secure zone (as discussed herein).

Mobile wallet application 1 to N 210 may be coupled (or associated) with a mobile wallet server 216, which may include a mobile wallet server database 218. Mobile wallet server 216 is a service provider that enables payment and non-payment transactions for user devices. Mobile wallet server database 218 may store transaction and other details. Other capabilities of mobile wallet server 216 coupled with mobile wallet server database 218 may include: calendar application data and timed (or scheduled) payments, for example, bill payments such as utilities that occur on a timed interval, collecting data from other registered applications, for example, car selling applications, financial applications, hotel and travel applications, reward point aggregation from various applications, collecting meta-data from most all social network applications, prioritize wish list, and predictive analysis, including budget setting and setting expenditure limit setting such as for product shopping. It is to be appreciated that a scheduling application may be a calendar application or other application that may be a subset of application 1 to P 212 located on user device 1 to M 202 or may be in communicative connection with user device 1 to M 202 from a mobile wallet server 216, application server 1 to Q 220 or other source (not shown). Data indicating timing may be captured and stored in mobile wallet server database 218 or stored locally in memory (not shown) of user device 1 to M 202. OSE 206 may access or may be supplied a reminder from such scheduling data through a scheduling application and may trigger the transactions involving the trust aspects as disclosed herein.

Data, including rules and mappings may be provided from mobile wallet server database 218 and placed in secure zone 208 of user device 1 to M 202.

A plurality of applications 1 to P, where P is an integer, may be present on user device 1 to M 202. For this innovation, it is be understood that a registration 214 between mobile wallet application 1 to N 210 and application 1 to P 212 occurs, and details and mapping of the registration may be placed in secure zone 208 as well as in mobile wallet server database 218 (registration will be discussed herein). Application 1 to P 212 may also be coupled with application server 1 to Q 220, where Q is an integer. A subset of the plurality of application servers 1 to Q 220 may be most any servers for example, third party servers including, but not limited to, Flipkart, Amazon, Expedia, Make my trip, Telephone service providers, and the like. A plurality of application servers 1 to Q 220 may be coupled with user device 202 via a network, for example, the Internet (not shown).

A plurality of applications 1 to P 212 may include a subset of non-ecommerce applications. For example, a subset may be social media applications, calendar applications and other applications that may facilitate payment and non-payment transactions for a user of user device 1 to M 202. For further example, a subset may be applications that integrate a user calendar or schedule of events that synchronizes with at least a subset of mobile wallet application 1 to N 210 and rules and mappings stored in the secure zone 208 by OSE 206. Examples of such applications may include a reminder scheduler on a calendar app / reminder app, as may be provided on smart phones, an event reminder and payment triggering module, an event / invite monitor interface on a smartphone or other user devise that tracks events such as birthdays, anniversaries, social invites and the like. It is to be appreciated that such other devices may be extensive and may include receipt of input from most any item that may be characterized as “the Internet of Things” or “IOTs.”

OSE 206 may process data by rules and mappings stored in secure zone 208 or in addition or alternatively may receive updates from mobile wallet server 216. Mobile wallet server 216 may employ data aggregation APIs / edge analytics and push notifications to an event reminder module (not shown) on user device 1 to M 202. Edge analytics may look into relationship status, latest address or other details from social media, phonebook and contact data for additional information that may be related to ecommerce application processing (for example, retrieval of a shipping address for a purchased product tagged as a birthday gift).

A further example of an application in a subset of non-ecommerce applications, of applications 1 to P 212, may include a messaging module that may record / store / send messages to intended recipients as per rules in secure zone 208. Such rules may include a reminder set in an event monitor, and the disclosed innovation provides that a recorded message may be a user’s voice, a user’s video, an SMS text, an Email, a twitter message, a Facebook posting, or the like.

Registration 214 also encompasses registering a plurality of mobile wallet application 1 to N 210 with a particular of user device 1 to M 202 upon which the plurality of mobile wallet application 1 to N 210 resides, and this registration data may be stored in mobile wallet server database 218. The registration permits the services of mobile wallet server 216 to be engaged by user device 1 to M 202. Registration and the mobile wallet server database 218 also enable a determination that at least one rule or mappings on user devices connecting via a mobile wallet server 216 have updated rules and mappings available. An OSE 206 of a user device 202 may determine that at least one of a plurality of mobile wallet application 1 to N 210 may have rules or mappings to be updated, and obtain such updates and store the updates in a secure zone of an OSE related device.

Update capability may also be enacted in an example embodiment in which a subset of a plurality of mobile wallet applications is added to a device already including at least one mobile wallet application. In such a case, the OSE of the device with the at least one mobile wallet application interacting with a mobile wallet server 216 and a mobile wallet server database 218 would identify a changed mapping (e.g., via a mapping monitor component (not shown)) on the device, update the mapping and (e.g., via a mapping update component (not shown)) store the updated mapping (e.g., via a mapping storage component (not shown)) in a secure zone 208 of the device and in the mobile wallet server database 218. It is be appreciated that such changes to a plurality of mobile wallet application as well as changes to a plurality of application 1 to P 212 are tracked and maintained to reflect applications on user device 1 to M 202.

The disclosed innovation provides that mobile wallet server 216 may in some embodiments be coupled directly to the plurality of application server 1 to Q 220.

Activities related to backend processing between mobile wallet applications and location of funds may occur between a mobile wallet server and a secure funds server (not shown), and thus would remain outside of the interaction that ecommerce applications are involved with, lessening a desire for encryption or other measures between a computing device user and vendors of ecommerce goods and services.

Turning now to FIG. 3 , illustrated is an example method 300 according to one or more embodiments. The example method may engage a system as described in system 200, and shown in FIG. 2 . Likewise, aspects of an example method may be reflected in the interactions 400 and 500, as shown in FIGS. 4 and 5 , to be discussed later. Example method may begin at step 302, wherein a user device, such as user device 1 to M 202 of system 200, may engage in a transaction with an ecommerce application, such as a subset of application 1 to P 212 of system 200, through an ecommerce environment.

Transactions may be to obtain some product or service. Other transactions that may be dependent on a secure or trusted connection are also contemplated and may fall under the use of the term “obtain service.” It is to be appreciated that the term ecommerce application, application, third party application and the like may be used interchangeably, or may be associated with an ecommerce environment as the context of the use of the term makes clear.

Beginning at step 302, it is to be understood that the user device, the plurality of mobile wallet application and the plurality of application, such as user device 1 to M 202, mobile wallet application 1 to N 210 and application 1 to P 212 of system 200, have each been registered with a mobile wallet server, such as mobile wallet server 216 of system 200. At step 304, the ecommerce application engaged by the user device may request assurance. The requesting of assurance may take several forms, from a request for payment, an inquiry as to payment capability, a verification of the same, or an identity request and the like. Since the ecommerce application has been registered with a user mobile wallet application, such as a mobile wallet application 1 to N 210 of system 200, and a mapping between the two, along with related information, is kept secure in a user device secure zone, such as secure zone 208 of system 200, the ecommerce request may be handled without a transfer of secure financial information from a user to the ecommerce application.

In this example, it is to be appreciated that most all such requests prior to the innovation disclosed herein would involve handling and transfer of secure and sensitive data. Upon receipt of the assurance request by an OSE, such as OSE 206 of system 200, the OSE may determine, verify, and select, by using predetermined rules and mappings located in a secure zone, which of a plurality of mobile wallet application controls processing with a particular ecommerce application for a particular event. The disclosed innovation provides that a pre-determined rule set allows for a great variety of conditional controls and actions between a plurality of mobile wallet applications. It is also to be appreciated that the plurality of mobile wallet application may include mobile wallet applications of various capabilities (as was discussed in relation to FIG. 2 and will be further discussed later in relation to FIG. 5 ).

At step 308, the selected mobile wallet application passes along the assurance request and related information to a mobile wallet server, such as mobile wallet server 216 of system 200. Information may be related to a purchase of goods or services from the ecommerce application, or may be of other transactions dealing with sensitive information. At step 310 the mobile wallet server performs backend processes, including, but not limited to verifying funds with funds providers, and, with approval (as may be denoted by rules within secure zone as controlled by device OSE, or as rules may permit, an OSE of a separate device, as will be discussed later in relation to FIG. 5 ), the mobile wallet server generates a confirmation message and confirmation token.

At step 312, the OSE through the selected mobile wallet application provides the confirmation and token to the ecommerce application. Upon receipt, the ecommerce application performs service at 314. The disclosed innovation provides that by “performing service,” it is contemplated that service may be a provisioning of goods, services (actions) or other transaction as previously noted. After (or in some embodiments, during) step 314, the OSE, at step 316 determines rules for finalizing payment.

While not specifically illustrated, in another embodiment, rules and mapping in OSE may provide limited permission to an ecommerce application to partially perform once a confirmation token is received, but not commit to a full action or completion of service until a separate approval step has been reached. This may reflect the embodiment mentioned above in which step 316 occurs during step 314. In such an embodiment, ecommerce application performance may reflect levels predetermined and set at a registration sub-step inherent in step 302 referenced earlier.

At 318 the selected mobile wallet application may interact with a mobile wallet server to provide reconciliation of payment, and at step 320 the OSE, through the selected mobile wallet application, interacts with the ecommerce application to reconcile payment, and the OSE updates transaction details respectively. Another aspect of the innovation is that the reconciliation may center around an exchange of tokens and confirmations, or in some embodiments a transfer of funds from a mobile wallet server, such as mobile wallet server 216 of system 200 directly to an application server, such as application server 1 to Q 220 of system 200. The reconciliation occurs without sharing at least a subset of sensitive financial information during the entire process between the mobile wallet system (server, database and plurality of mobile wallet application) and the ecommerce application systems. The disclosed innovation provides that funds transfer may be through most any number of manners controlled by the predetermined rules.

FIG. 4 is an illustration of an example interaction 400 in accordance with one or more aspects of the disclosed innovation. The interaction 400 is an illustration of an example interaction of a device to device interaction between a user device 402 and an application device 422. Application device 422 may comprise an application enabler 424. Application enabler 424 may be most any component that interacts with application 416 on user device 402. It is to be appreciated that details of application device 422 are left at a high level of discussion, as many application devices are contemplated to be able to be accommodated by the disclosed innovation. User Device 402 may be as described earlier in relation to FIG. 2 , such as being one of a plurality of user device 1 to M 202, named items in FIG. 4 being similar to like named items in FIG. 2 . While some elements are not pictured for clarity, what is shown in this embodiment is not to be considered limiting on its own, and that this and other embodiments may share features and capabilities discussed individually.

As illustrated with a bidirectional arrow, user device 402 may connect directly with application device 422. Application device 422, with application enabler 424 may handle interactions with application 416 on user device 402. System 400 may employ a secure process and interaction between a mobile wallet application 1 to M 406 and an ecommerce application 416 similar as to disclosed and discussed in relation to FIG. 3 . FIG. 4 highlights an aspect of the innovation in that improved trust or secure transactions may be employed within a system as reflected in system 200, or in an interaction, such as in interaction 400, in which a separate application device is in communication with user device 402. In outward appearances, this may be similar to many “tap and pay” or other ecommerce transactions, but with the innovative aspect of a transaction being completed without sensitive secure information related to a mobile wallet application 1 to M 406 being shared with an application 416, an application device 422, an application enabler 424 or an application server 418. Additionally, hardware processing capabilities, for example, speed of identified registration data transfer or speed of transactions, may be improved and the innovative reduction in breach concerns for all parties involved provides a material benefit.

Turning to FIG. 5 , another aspect of the disclosed innovation is presented. Another aspect of the disclosed innovation is that the example interaction as discussed in the embodiment in relation to FIG. 5 may be reflected in a method, such as method 300 of FIG. 3 , or may reflect components of a system, for example system 200 of FIG. 2 . The example interaction of FIG. 5 illustrates how a plurality of user device may operate in tandem in order to provide ecommerce transactions without sharing of at least a subset of users sensitive secure information from sets of mobile wallet applications 1 to M 508 and sets of mobile wallet applications 1 to P 528 with sets of plurality of application 1 to N 516 and plurality of application 1 to Q 530, or with a plurality of application server 1 to R 518. Specifically, FIG. 5 illustrates an aspect of the disclosed innovation in regards to the ability to use a thin-client mobile wallet application (as a subset of mobile wallet application 1 to M 508) located on user device 1 502 in conjunction with a use of a master mobile wallet application (as a subset of mobile wallet application 1 to P 528 on user device 522 in order to engage an ecommerce application (for example, a subset of application 1 to N 516) on user device 1 502 to engage a secure or trusted ecommerce transaction specifically in a ecommerce environment.

User device 1 502 and user device 2 522 may be as described earlier in relation to FIG. 2 , such as each user device being one of a plurality of user device 1 to M 202, named items in FIG. 5 may be similar to like named items in FIG. 2 . While some elements are not illustrated for clarity, what is shown in this embodiment is not to be considered limiting of itself, and that this and other embodiments may share features and capabilities discussed individually. As pictured with a bidirectional arrow, user device 502 may connect directly with user device 522.

Aspects of the disclosed innovation provides that the devices, the mobile wallet applications, and the applications are all each registered with mobile wallet server 512, and that mapping of devices, plurality of mobile wallet application and registered applications are captured and stored in at least mobile wallet server database 514. Additionally, rules, data and mappings related to mobile wallet application 1 to M 508 and plurality of application 1 to N 516 are located in secure zone 1 506. Similarly, rules, data and mappings related to mobile wallet application 1 to P 528 and plurality of application 1 to Q 530 are located in secure zone 2 506. Another aspect of the disclosed innovation is that mobile wallet server database may coordinate at least one of mobile wallet application 1 to M 508 with at least one of mobile wallet application 1 to P 528.

In an embodiment, mobile wallet application 1 to M 508 need not contain a master mobile wallet application. In this embodiment, for example, user device 1 may belong to a child, and the mobile wallet applications of mobile wallet application 1 to M may be of limited capabilities. In this same embodiment, User device 2 522 belongs to a parent, and one of the mobile wallet applications 1 to P 528 is an associated master mobile wallet application which by predetermined rules located respectively in each device (and in mobile wallet server database 514) control the thin-client mobile wallet application. By working in conjunction, user device 1 may still engage with ecommerce applications, but with control as set by predetermined rules located at least in secure zone 1 506, and thus approval and processing of engaging ecommerce applications, for example, in a method 300 as discussed in FIG. 3 may occur, but subject to rules in user device 1 and rules in user device 2. An embodiment discloses an ability to operate device to device provides that wherein only one device may have an ecommerce application, but includes a mapping in that first device, control may propagate through the mapping, to related mobile wallet applications, even mobile wallet applications on different devices.

Referencing the method as discussed in FIG. 3 , the following illustrates how such a method may be undertaken by example interaction such as example interaction 500 of FIG. 5 . In this embodiment, an example method may begin as at step 302, but here, a first user device, user device 1 502, may engage in a transaction with an ecommerce application, such as a subset of application 1 to N 516, through an ecommerce environment. At step 302, it is to be understood that user devices (both user device 1 502 and user device 522), plurality of mobile wallet application (both mobile wallet application 1 to M 508 and mobile wallet application 1 to P 528) and plurality of application (both application 1 to N 516 and application 1 to Q 530), have each been registered with a mobile wallet server, such as mobile wallet server 512. At step 304, the ecommerce application engaged by the user device may request assurance.

It is to be appreciated that the requesting of assurance may take several forms, from a request for payment, an inquiry as to payment capability, a verification of the same, or an identity request and the like. Since the ecommerce application has been registered with a user mobile wallet application, such as a thin-client mobile wallet application (a subset of 1 to M 508), and mappings between each, along with related information, are kept secure in a user device secure zone, such as secure zone 1 506 as well as mobile wallet server database 514, the ecommerce request may be handled without a transfer of secure financial information from a user to an ecommerce application. Upon receipt of the assurance request by user device 1 502, OSE 504 may determine, verify, and select, by using predetermined rules and mappings located in the secure zone 1 506, which of a plurality of mobile wallet application controls the process of dealing with a particular ecommerce application for a particular event.

Pre-determined rule sets allow for a great variety of conditional controls and actions between the plurality of mobile wallet application. In this embodiment, rules in secure zone 1 506 indicate that a master mobile wallet application (one of mobile wallet application 1 to P 528) is the selected mobile wallet application for the transaction. Upon rules determination, such an assurance request may trigger a message to a user associated with the master mobile wallet application. In this embodiment, OSE 504 works with user device 2 522 and the OSE 524 of user device 522. The disclosed innovation provides that a multiple of master mobile wallet applications may be associated with the thin-client mobile wallet application and these multiple of master mobile wallet applications may exist on a number of user devices, but for the sake of discussion simplicity and not limitation, reference will be made to a single separate user device, user device 2 522. At step 308, the selected mobile wallet application passes along the assurance request and related information to a mobile wallet server, such as mobile wallet server 512. Related information may be, for example, related to a purchase of goods or services from the ecommerce application located on use device 1, and pertinent details and request are passed seamlessly from OSE 504 of user device 1 to OSE 524 of user device 522. At step 310 the mobile wallet server performs backend processes, including, but not limited to verifying funds with funds providers, and, with approval (as may be denoted by the rules within the secure zone 2 526 as controlled by user device 2 OSE 524), the mobile wallet server generates a confirmation message and confirmation token.

At step 312, the OSE 524 through the master mobile wallet application (one of mobile wallet application 1 to P 528) provides the confirmation and token to the ecommerce application through the thin-client mobile wallet application and OSE 504 of user device 1 502. Once the confirmation and token are received at the ecommerce application, the ecommerce application performs service at 314. The disclosed innovation provides that by “performing service,” it is contemplated that the service may be a provisioning of goods, services (actions) or other transaction as previously noted. After (or in some embodiments, during) step 314, controlling OSE 524 of user device 2 in conjunction with subordinate OSE 504 of user device 1 502, at step 316 determines rules for finalizing payment.

As in method 300 of FIG. 3 , in an embodiment, controlling OSE 524 of user device 2 in conjunction with subordinate OSE 504 of user device 1 502 may provide limited permission to an ecommerce application to partially perform once a confirmation token is received, but not commit to a full action or completion of service until a separate approval step has been reached. This may reflect the embodiment mentioned above in which step 316 occurs during step 314. In such an embodiment, ecommerce application performance may reflect levels predetermined and set at a registration sub-step inherent in step 302 referenced earlier.

At 318 master mobile wallet application may interact with mobile wallet server 512 to provide reconciliation of payment, and at step 320, OSE 524, through the master mobile wallet application, and through thin-client mobile wallet application and OSE 504 of user device 1 interacts with the ecommerce application to reconcile payment, and both OSE 504 and OSE 524 update transaction details respectively. The disclosed innovation provides that reconciliation may center around an exchange of tokens and confirmations, or in some embodiments a transfer of funds may be direct, as from a mobile wallet server, such as mobile wallet server 512 directly to an application server, such as application server 1 to R 518. The reconciliation occurs without sharing at least a subset of sensitive financial information during the entire process between mobile wallet system (server, database and plurality of mobile wallet application) and ecommerce application systems. Another aspect of the disclosed innovation is that funds transfer may be through most any number of manners controlled by predetermined rules.

While for purposes of simplicity of explanation, the methods are shown and described as a series of blocks, it is to be understood and appreciated that the claimed subject matter is not limited by the order of the blocks, as some blocks may occur in different orders and/or concurrently with other blocks from what is depicted and described herein. Moreover, not all illustrated blocks may be required to implement the methods described hereinafter

Still another embodiment involves a computer-readable medium including processor-executable instructions configured to implement one or more embodiments of the techniques presented herein. An embodiment of a computer-readable medium or a computer-readable device devised in these ways is illustrated in FIG. 6 , wherein an implementation 600 includes a computer-readable medium 602, such as a CD-R, DVD-R, flash drive, a platter of a hard disk drive, etc., on which is encoded computer-readable data 604. This computer-readable data 604, such as binary data including a plurality of zero’s and one’s as shown in 604, in turn includes a set of computer instructions 606 configured to operate according to one or more of the principles set forth herein. In one such embodiment 600, the processor-executable computer instructions 606 may be configured to perform a method 608, such as the method 300 of FIG. 3 . In another embodiment, the processor-executable instructions 606 may be configured to implement a system, such as the system 200 of FIG. 2 . Many such computer-readable media may be devised by those of ordinary skill in the art that are configured to operate in accordance with the techniques presented herein.

As used in this application, the terms “component”, “module,” “system”, “interface”, and the like are generally intended to refer to a computer-related entity, either hardware, a combination of hardware and software, software, or software in execution. For example, a component may be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, or a computer. By way of illustration, both an application running on a controller and the controller may be a component. One or more components residing within a process or thread of execution and a component may be localized on one computer or distributed between two or more computers.

Further, the claimed subject matter is implemented as a method, apparatus, or article of manufacture using standard programming or engineering techniques to produce software, firmware, hardware, or most any combination thereof to control a computer to implement the disclosed subject matter. The term “article of manufacture” as used herein is intended to encompass a computer program accessible from most any computer-readable device, carrier, or media. Of course, many modifications may be made to this configuration without departing from the scope or spirit of the claimed subject matter.

FIG. 7 and the following discussion provide a description of a suitable computing environment to implement embodiments of one or more of the provisions set forth herein. The operating environment of FIG. 7 is merely one example of a suitable operating environment and is not intended to suggest any limitation as to the scope of use or functionality of the operating environment. Example computing devices include, but are not limited to, personal computers, server computers, handheld or laptop devices, mobile devices, such as mobile phones, Personal Digital Assistants (PDAs), media players, and the like, multiprocessor systems, consumer electronics, mini computers, mainframe computers, distributed computing environments that include most any of the above systems or devices, etc.

Generally, embodiments are described in the general context of “computer readable instructions” being executed by one or more computing devices. Computer readable instructions may be distributed via computer readable media as discussed herein. Computer readable instructions may be implemented as program modules, such as functions, objects, Application Programming Interfaces (APIs), data structures, and the like, that perform one or more tasks or implement one or more abstract data types. Typically, the functionality of the computer readable instructions are combined or distributed as desired in various environments.

FIG. 7 illustrates a system 700 including a computing device 702 configured to implement one or more embodiments provided herein. In one configuration, computing device 702 includes at least one processing unit 704 and memory 706. Depending on the exact configuration and type of computing device, memory 706 may be volatile, such as RAM, non-volatile, such as ROM, flash memory, etc., or a combination of the two. This configuration is illustrated in FIG. 7 by dashed line 708.

In other embodiments, device 702 includes additional features or functionality. For example, device 702 may include additional storage such as removable storage or non-removable storage, including, but not limited to, magnetic storage, optical storage, etc. Such additional storage is illustrated in FIG. 7 by storage 710. In one or more embodiments, computer readable instructions to implement one or more embodiments provided herein are in storage 710. Storage 710 may store other computer readable instructions to implement an operating system, an application program, etc. Computer readable instructions may be loaded in memory 706 for execution by processing unit 704, for example.

The term “computer readable media” as used herein includes computer storage media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in most any method or technology for storage of information such as computer readable instructions or other data. Memory 706 and storage 710 are examples of computer storage media. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVDs) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or most any other medium which may be used to store the desired information and which may be accessed by device 702. Most any such computer storage media is part of device 702.

Device 702 includes input device(s) 712 such as keyboard, mouse, pen, voice input device, touch input device, infrared cameras, video input devices, or most any other input device. Output device(s) 714 such as one or more displays, speakers, printers, or most any other output device may be included with device 702. Input device(s) 712 and output device(s) 714 may be connected to device 702 via a wired connection, wireless connection, or most any combination thereof. In one or more embodiments, an input device or an output device from another computing device may be used as input device(s) 712 or output device(s) 714 for computing device 702. Device 702 may include communication connection(s) 716 to facilitate communications with one or more other devices 718, and such communication may occur over a network, for example network 720.

Although, in accordance with some aspects, the subject matter has been described herein in language specific to structural features or methodological acts, it is to be understood that the subject matter of the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example embodiments.

Various operations of embodiments are provided herein. The order in which one or more or all of the operations are described should not be construed as to imply that these operations are necessarily order dependent. Alternative ordering will be appreciated based on this description. Further, not all operations may necessarily be present in each embodiment provided herein.

As used in this application, “or” is intended to mean an inclusive “or” rather than an exclusive “or”. Further, an inclusive “or” may include any combination thereof (e.g., A, B, or any combination thereof). In addition, “a” and “an” as used in this application are generally construed to mean “one or more” unless specified otherwise or clear from context to be directed to a singular form. Additionally, at least one of A and B and/or the like generally means A or B or both A and B. Further, to the extent that “includes”, “having”, “has, “with”, or variants thereof are used in either the detailed description or the claims, such terms are intended to be inclusive in a manner similar to the term “comprising”.

Further, unless specified otherwise, “first”, “second”, or the like are not intended to imply a temporal aspect, a spatial aspect, an ordering, etc. Rather, such terms are merely used as identifiers, names, etc. for features, elements, items, etc. For example, a first channel and a second channel generally correspond to channel A and channel B or two different or two identical channels or the same channel. Additionally, “comprising”, “comprises”, “including”, “includes”, or the like generally means comprising or including, but not limited to.

Although the disclosure has been shown and described with respect to one or more implementations, equivalent alterations and modifications will occur based on a reading and understanding of this specification and the annexed drawings. The disclosure includes all such modifications and alterations and is limited only by the scope of the following claims.

What has been described above includes examples of the innovation. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the subject innovation, but one of ordinary skill in the art may recognize that many further combinations and permutations of the innovation are possible. Accordingly, the innovation is intended to embrace all such alterations, modifications and variations that fall within the spirit and scope of the appended claims. Furthermore, to the extent that the term “includes” is used in either the detailed description or the claims, such term is intended to be inclusive in a manner similar to the term “comprising” as “comprising” is interpreted when employed as a transitional word in a claim. 

What is claimed is:
 1. A method of enabling a secured transaction between a first computing device and an ecommerce application among a plurality of ecommerce applications of the first computing device, the method comprising: engaging, by the first computing device, the ecommerce application that has been registered with one or more mobile wallet applications of the first computing device; receiving, by the first computing device, a payment request from the ecommerce application; determining, by an Operating System Extension (OSE) of the first computing device and based on a set of rules associated with the one or more mobile wallet applications, a master mobile wallet application for processing the payment request from the ecommerce application, wherein the set of rules comprises mappings of the one or more mobile wallet applications to the plurality of ecommerce applications, and wherein a mobile wallet application, among the one or more mobile wallet applications, that is mapped to the ecommerce application in the set of rules is selected as the master mobile wallet application; sending, by the OSE, upon verifying at least a subset of rules associated with the ecommerce application, through the master mobile wallet application, at least the payment request to a mobile wallet server associated with the master mobile wallet application; receiving, by the OSE through the master mobile wallet application and from the mobile wallet server, a payment confirmation message along with a payment confirmation token, the payment confirmation token indicating a verification of available funds by the mobile wallet server; sending, by the OSE and to the ecommerce application, (i) the payment confirmation message (ii) the payment confirmation token and (iii) limited permission, based at least on the set of rules, for the ecommerce application to partially complete a provisioning of a product or service related to the payment request to the ecommerce application; and upon the partial completion of the provisioning of the product or service related to the payment request: receiving, by the OSE, a payment authorization request from the ecommerce application; forwarding, by the OSE, through the master mobile wallet application, to the mobile wallet server, the payment authorization request; backend processing that obtains funds, by the mobile wallet server, without sharing sensitive data of a user associated with the master mobile wallet application with the ecommerce application for the secured transaction; receiving, by the OSE through the master mobile wallet application, funds; and resolving payment, by the OSE through the master mobile wallet application, with the ecommerce application.
 2. The method of claim 1, wherein the set of rules is located within a secure zone of the first computing device.
 3. The method of claim 2, wherein determining the master mobile wallet application further comprises: receiving, from the mobile wallet server, an update to a rule associated with the ecommerce application or with the one or more mobile wallet applications; storing the updated rule in the secure zone; and applying the updated rule.
 4. The method of claim 1, further comprising: engaging, by a second computing device that comprises a thin-client mobile wallet application and not the master mobile wallet application, the ecommerce application; and sending, by an OSE of the second computing device and through the thin-client mobile wallet application, a request to the first computing device so that the OSE of the first computing device is enabled to perform the method, wherein receiving the payment confirmation message includes an approval through the master mobile wallet application.
 5. The method of claim 4, wherein the approval through the master mobile wallet application comprises approval, at least in part, through: the set of rules of the first computing device, an approving reply to an instant message associated with the master mobile wallet application, or both the set of rules and the approving reply.
 6. The method of claim 1, wherein the payment confirmation message includes an approval through the master mobile wallet application, wherein the approval through the master mobile wallet application comprises approval, at least in part, through: the set of rules of the first computing device, an approving reply to an instant message associated with the master mobile wallet application; or both the set of rules and the approving reply.
 7. The method of claim 1, wherein the payment request comprises one of an automated pay request, an interactive pay request, and a conditional pay request.
 8. The method of claim 7, wherein the payment request includes interaction with timing rules, and the timing rules interact with a calendar application.
 9. The method of claim 8, wherein the calendar application is part of the ecommerce application, the one or more mobile wallet applications, or a stand-alone application.
 10. The method of claim 7, wherein the automated pay request is based at least in part on the set of rules located in a secure zone of the first computing device initiating the secured transaction with the ecommerce application.
 11. A system for enabling a secured transaction, the system comprising a plurality of user devices, wherein a first user device of the plurality of user devices comprises: one or more mobile wallet applications associated with a mobile wallet server, wherein the mobile wallet server controls backend processing of the secured transaction, an ecommerce application, among a plurality of ecommerce applications, that is registered with the one or more mobile wallet applications, where the ecommerce application, upon being engaged by the first user device, provides a payment request, a secure zone that stores predetermined rules and mappings of the one or more mobile wallet applications and the ecommerce application, and an OSE that is configured to enable the secured transaction between the first user device and the ecommerce application without sharing a subset of sensitive financial data of a user associated with the one or more mobile wallet applications to the ecommerce application, wherein the OSE enables: receiving the payment request; determining a master mobile wallet application of the one or more mobile wallet applications for processing the payment request upon verifying the predetermined rules and mappings located in the secure zone, wherein the predetermined rules and mappings comprise mappings of the one or more mobile wallet applications to the plurality of ecommerce applications, and wherein a mobile wallet application, among the one or more mobile wallet applications, that is mapped to the ecommerce application in predetermined rules and mappings is selected as the master mobile wallet application; sending the payment request along with payment details to the master mobile wallet application upon the determination; initiating an interaction between the master mobile wallet application and the mobile wallet server, wherein the mobile wallet server generates and sends a payment confirmation message and a payment confirmation token to the master mobile wallet application; receiving the payment confirmation token and the payment confirmation message from the master mobile wallet application, the payment confirmation token indicating a verification of available funds by the mobile wallet server; sending (i) the payment confirmation message, (ii) the payment confirmation token, and (iii) limited permission, based at least on the predetermined rules, for the ecommerce application to partially complete a provisioning of a product or service related to the payment request to the ecommerce application, wherein the payment confirmation token permits the ecommerce application to partially process a goods or service offering associated with the payment request; receiving, from the ecommerce application and in response to the payment confirmation message, a payment authorization request; receiving, from the master mobile wallet application, a payment authorization token; and reconciling the payment authorization token received from the master mobile wallet application with the payment authorization request received from the ecommerce application, the reconciliation permitting a funds transfer from the master mobile wallet application to the ecommerce application without sharing the subset of sensitive financial data to the ecommerce application.
 12. The system of claim 11, wherein the OSE further enables: receiving, from the mobile wallet server, an update to a rule associated with the ecommerce application or the one or more mobile wallet applications; storing the updated rule in the secure zone; and applying the updated rule.
 13. The system of claim 11, wherein receiving the payment confirmation token and the payment confirmation message from the master mobile wallet application further comprises receiving an approval through the master mobile wallet application, the approval comprises approval, at least in part, through: the predetermined rules of the first user device; an approving reply to an instant message from a user associated with the master mobile wallet application; or both the predetermined rules and the approving reply.
 14. The system of claim 11, wherein the payment request comprises one of an automated pay request, an interactive pay request, and a conditional pay request.
 15. The system of claim 11, wherein the payment request includes interaction with timing rules, wherein the timing rules interact with a calendar application, and wherein the calendar application is part of the ecommerce application, the one or more mobile wallet applications, or a stand-alone application.
 16. The system of claim 11, wherein in an instance in which a second user device initiates the secured transaction with a thin-client mobile wallet application that is associated with the master mobile wallet application residing on the first user device, an OSE of the second user device is configured to: send a continuation request for the OSE of the first user device to continue processing the secured transaction, wherein the continuation request triggers a message to the user associated with the master mobile wallet application, wherein upon receipt of an indication approving the continuation request, the OSE of the first user device operates with the thin-client mobile wallet application to permit the ecommerce application to process the goods or service offering.
 17. The system of claim 16, wherein receiving the payment confirmation token and the payment confirmation message from the master mobile wallet application further comprises: receiving an approval through the master mobile wallet application, the approval comprising approval, at least in part, through: the predetermined rules of the first user device; an approving reply to an instant message from the user associated with the master mobile wallet application; or both the predetermined rules and the approving reply.
 18. The system of claim 14, wherein the automated pay request is based at least in part on the predetermined rules located in the secure zone of the first user device. 